I’m building a React.js hybrid app with the Okta login react widget. I’m wrapping the React.js SPA with Cordova.

It’s working fine in a desktop browser but when I deploy to an iOS device I get the following error when attempting to login:

2018-02-23 11:17:26.749707-0800 PartnerTap[4897:2583852] login error: UNSUPPORTED_BROWSER_ERROR: There was an error sending the request - have you enabled CORS?

I don’t have any issue hitting out own REST api from the app. Any ideas?

I will add some more debugging to see why the browser check is failing.


If you can get the actual CORS error, you will be able to whitelist in Okta. The Authentication API that the widget uses sends CORS headers:

Thanks for the quick reply. Can I set a wild card origin? I’m pretty sure cordova origin is something crazy like file://foobar

I think Cordova sends file://. You could try using it’s inApp browser like I did in this post on Ionic (which also uses Cordova).

Will Cordova or Ionics origin: file:// ever be supported by Okta? I would really like to use the okta-signin-widget for all platforms rather than redirecting using the in-app browser.

I noticed Auth0 supports Cordova and Ionic They allow the white listing of file://*

@jarbot did you ever get this figured out? I am looking into the same thing.

@whodeee I’m not aware of any changes to the Okta platform that allows the use of their widget in Cordova apps, which is unfortunate. I used the dirty in-app browser hack to handle retrieving the tokens after login.

@jarbot can you expand on that a bit? I am trying to work through the in-app browser and I think I am running into redirectUri issues. Can you post what your solution was at all?